# TurfTracker Environment Configuration
# Copy this file to .env and fill in your values

# Database Configuration
# You can use either individual fields OR a full DATABASE_URL (DATABASE_URL takes precedence)
DB_HOST=db
DB_PORT=5432
DB_NAME=turftracker
DB_USER=turftracker
DB_PASSWORD=password123
# DATABASE_URL=postgresql://turftracker:password123@db:5432/turftracker

# JWT Secret - REQUIRED: Used for signing authentication tokens
# Generate a secure random string (see README for generation commands)
# NEVER use the default value in production!
JWT_SECRET=your-super-secret-jwt-key-change-this-in-production

# Authentik OAuth2 Configuration (Optional)
# Configure these to enable SSO login through your Authentik instance
AUTHENTIK_CLIENT_ID=your-authentik-client-id
AUTHENTIK_CLIENT_SECRET=your-authentik-client-secret
AUTHENTIK_BASE_URL=https://your-authentik-domain.com
AUTHENTIK_CALLBACK_URL=https://turftracker.kaspers.us/api/auth/authentik/callback

# Weather API Configuration
# Get a free API key from https://openweathermap.org/api
WEATHER_API_KEY=5bae1b310158565c65f982d4074e803b

# Application URLs (automatically configured for production)
FRONTEND_URL=https://turftracker.kaspers.us

# Gmail OAuth2 Email Delivery
# Modern Gmail auth uses OAuth2/XOAUTH2, not basic SMTP passwords.
# Create an OAuth client in Google Cloud, grant Gmail API / mail scope access,
# then generate a refresh token for the mailbox that will send mail.
GMAIL_OAUTH_USER=jake@kaspers.us
GMAIL_OAUTH_CLIENT_ID=1057329953165-hjv7t8phjsl1r17qbnj1p5lo6os43h22.apps.googleusercontent.com
GMAIL_OAUTH_CLIENT_SECRET=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
GMAIL_OAUTH_REFRESH_TOKEN=1//043TOfuJGqQoYCgYIARAAGAQSNwF-L9IrgZ3I6TrEBcYqzqUGPmIUzQVT2y0GX0AQah-78MtFFP0oyH5L2T4ukCHJjy619_EWjyY
GMAIL_OAUTH_REDIRECT_URI=https://developers.google.com/oauthplayground
EMAIL_FROM_NAME=TurfTracking
EMAIL_FROM_ADDRESS=turftracker@kaspers.us

# Node Environment
NODE_ENV=development

# Port Configuration (optional - defaults are set)
PORT=5001
FRONTEND_PORT=3000